Switching Cyrus Sasl from BerkeleyDB to GDBM
Summary
cyrus-sasl package was built with libdb requirement, now it is replaced by gdbm.
Owner
- Name: Dmitry Belyavskiy
- Email: dbelyavs@redhat.com
Current status
- Targeted release: Fedora Linux 35
- Last updated: 2021-05-03
- FESCo issue: #2596
- Tracker bug: #1952926
- Release notes tracker: #688
Detailed Description
This change switches the default backend Key-Value DB used by sasldb plugin from BerkeleyDB to GDBM and provides a migration tool for automatic conversion from old to new format.
Feedback
Benefit to Fedora
According to more restrictive libdb licence policy exists effort to remove libdb's dependencies. cyrus-sasl package can now be built without libdb requirement.
Scope
- Proposal owners:
- Other developers:
The owners of the packages depending on cyrus-sasl sasldb plugin should provide the documentation about the migration procedure.
- Release engineering: [1]
- Policies and guidelines: not needed for this Change
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives:
Upgrade/compatibility impact
The migration script should be used to upgrade the particular databases used by specific applications via sasldb plugin
How To Test
- Install the new version of the cyrus-sasl.
- Use the migration tool bdb2current provided by the package to migrate your sasldb file
- update the configuration file to point on the new sasldb file
- restart the application if necessary
- Check that auth is still working
User Experience
Dependencies
A lot of application use cyrus-sasl sasldb plugins. Their maintainers were notified via email and some of them have responded.
- 389-ds-base
- 389-ds-base-libs
- argus
- argus-clients
- autofs
- cyrus-imapd
- cyrus-sasl
- ekiga
- exim
- gvnc
- inn
- isync
- kdebase3-pim-ioslaves
- kdepim-runtime-libs
- kdepimlibs
- kf5-kimap
- kf5-kldap
- kf5-ksmtp
- kf5-libksieve
- libetpan
- libmemcached-libs
- libpurple
- librdkafka
- libvirt-daemon
- lua-cyrussasl
- mail-notification
- memcached
- mongo-c-driver-libs
- mozldap
- mutt
- myproxy-libs
- nmh
- openldap
- openldap-clients
- openldap-servers
- pcp-libs
- perl-Cyrus
- php-ldap
- php-pecl-memcached
- postfix
- ptlib
- python3-qpid-proton
- python3-subversion
- qca-cyrus-sasl
- qca-qt5-cyrus-sasl
- qemu-system*
- qpid-proton-c
- sendmail
- spice-glib
- spice-server
- squid
- sssd-ad
- subversion-libs
- subversion-ruby
- znc
The owners of the packages are recommended to create a sasldb base using the new version of cyrus-sasl and check that auth works normally for them. Also it would be useful to check that a migration tool works well for the existing base
Contingency Plan
- Contingency mechanism: Revert the shipped configuration
- Contingency deadline: F35 branch date (2021-08-10)
- Blocks release? Yes
Documentation
Here is the notification sent to known developers of the depending packages:
New version of the cyrus-sasl is planned to use the gdbm database for the sasldb plugins.
I've implemented the patch (https://src.fedoraproject.org/rpms/cyrus-sasl/pull-request/3#request_diff) changing the default DB and implementing the migration tool to make the switching from BerkeleyDB to GDBM seamless.
I kindly ask you to check the information in the following spreadsheet: https://docs.google.com/spreadsheets/d/1z5eTSm3rtlKtEKPCxhI_wE861Xzg8kbvINWixSwQmLg/edit?usp=sharing:
whether your package is affected by the proposed change whether the migration tool is suitable for your purposes
and let me know or mark the results in the table
Release Notes
a new version of the cyrus-sasl package is landing in rawhide.
This version changes the database used to store saslauthdb data. This is part of the move to deprecate use of Berkley DB. The new package will use GDBM instead.
We provided a tool to perform migrations for database should that be needed by a package:
The syntax of the migration tool is cyrusbdb2current <sasldb path> <new_path>
Please check whether your packages use the sasldb plugin and provide a relevant migration guideline.